1. Field
The present invention relates to product authentication based upon a hyperelliptic curve equation and a curve pairing function.
2. Relevant Background
Computing devices are routinely used at work, at home, and everywhere else. Computing devices advantageously enable electronic communication, data sharing (e.g., documents, pictures, music, film, multimedia, etc.), the use of application-specific software, access to information for electronic commerce through the Internet and other computing networks. The term computing device generally refers to desktop computers, server computers, laptop computers, mobile computing devices (e.g., personal digital assistant (PDA), smart phones, tablet computers, cellular phones, etc.), as well as any other type of computer system.
Application software may be utilized by computing devices to implement a wide variety of different types of functions. Application software may be purchased from a vendor and installed on a computing device by storage media (e.g. a compact disk (CD)) or may be downloaded wirelessly or through the Internet for installation on the computing device. However, security and authentication for the purchase and use of such application software has become increasingly important to application software developers.
One manner in which these concerns have been addressed is by the use of cryptographic techniques involving a key-based cipher. Using a key-based cipher, sequences of intelligible data (typically referred to as plaintext) that collectively form a message are mathematically transformed, through an enciphering process, into seemingly unintelligible data (typically referred to as ciphertext). The enciphering can be reversed, allowing recipients of the ciphertext with the appropriate key to transform the ciphertext back to plaintext, while making it difficult for those without the appropriate key to recover the plaintext.
Public-key cryptographic techniques are one type of key-based cipher. In public-key cryptography, each communicating party has a public/private key pair. The public key of each pair is made publicly available (or at least available to others who are intended to send encrypted communications), but the private key is kept secret. In order to communicate a plaintext message using encryption to a receiving party, an originating party encrypts the plaintext message into a ciphertext message using the public key of the receiving party and communicates the ciphertext message to the receiving party. Upon receipt of the ciphertext message, the receiving party decrypts the message using its secret private key, and thereby recovers the original plaintext message.
One area for the use of cryptographic techniques is product authentication. Product authentication can be required anywhere a party or a machine must prove that it is authorized to access or use a product or service. An example of such a situation is in a product ID system for a software program(s), where a user must hand-enter a product ID sequence stamped on the outside of the properly licensed software package as proof that the software has been properly paid for. If the product ID sequence is too long, then it will be cumbersome and not user friendly.
Thus, the product ID sequence (termed hereinafter product activation code) is a sequence of symbols which can be printed outside the container of a software, firmware, or hardware product, or delivered via other means (such as downloaded via the Internet or wirelessly), which needs to be entered by the end user by hand such the product performs subsequent operations to authenticate the product. A production activation code authenticates the product and is useful for protecting the product from unauthorized use and piracy.
However, prior “secret” cryptographic algorithms that have been used in the past, as previously described, may be easily discovered, reversed engineered, and can be broken such that these types of secret algorithms are intrinsically weak. Further, product activation codes that are currently used with these secret algorithms typically require relatively large product activation codes (e.g., often over 30 key strokes). Therefore, techniques are sought after to implement very strong authentication procedures with relatively small product activation codes.